发表新帖
发表新帖

Adding a public key to ~/.ssh/authorized_keys does not log me in automatically

前端 未结
关注
30 2590
爱一瞬间的悲伤
爱一瞬间的悲伤 2020-12-02 03:15

I added the public SSH key to the authorized_keys file. ssh localhost should log me in without asking for the password.

I did that and tried t

30条回答
  • 臣服心动
    臣服心动 (楼主)
    2020-12-02 03:44

    I have had the same issues since before, but today I had to set up one new server. What I could learn in this time...

    The basic process to allow authentication without a password is as follows:

    1. On the server, validate if your home folder has the .ssh folder. If it doesn't exist, you can create it manually with a mkdir command and then to assign the correct permissions with chmod, or otherwise you could use the same utility, ssh-keygen, to create private/public keys, but on the server for your user. This process will create the required .ssh folder.

    2. On the local machine you also need to create the private/public keys with the ssh-keygen utility.

    3. You need to move your public key to file .ssh/authorized_keys to the server. To achieve this, you can use the ssh-copy-id utility, or you can do it manually using the cat and scp commands.

    4. In the best of cases, this will allow connect to your server without a password.

    OK, now the issues that I found today: first there are several key generation algorithms: rsa, dsa, ecdsa and ed25519 and there are many releases of OpenSSH (you can have one version on your local machine and an old version on your server):

    Hint: Using ssh -v helps to see additional information when you are connecting to the server.

    OpenSSH_8.2p1 Ubuntu-4, OpenSSL 1.1.1f 31 Mar 2020

    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3

    The error in my case today was that I was trying to use a key with a "newer" generation algorithm that was not supported by the installed version of OpenSSH on the server. When I had checked the supported algorithms, another error that I found was that the server was rejecting my algorithm:

    debug1: Skipping ssh-dss key /home/user/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes

    After that, I had to change the algorithm of my key and then I could connect with the server successfully.

    OpenSSH releases notes: Link

    0 讨论(0)
 看不清?
提交回复
热议问题